Mass scale internet censorship in Russia also started with the premise of "protecting the children"
When you put in law that ISPs should adhere to some government-provided blocklist, this is already a game over. No matter how sane your government is. The government in 10 years might be vastly different, and the ability to control the ISPs is too alluring to not abuse
I'd rather live in a world where you could find words like "kill all russians", or child porn, or blatant propaganda than to live with the government censorship. I lived in Russia and the experience was nightmare. Who knows, maybe if the government didn't have the tools they had then the independent media would still be reachable by an average russian, the pictures of the pointless massacre would be public and the war would be over in a week
fascinating. And who is that mythical person in charge
I tried to delete my account on GitHub. I could not. The gdpr compliance email address they provide happily accepts emails but my account is still there, after more than 3 months.
Why am I writing this here? To show you an example of being powerless to the system. The only things I can do is things you can call "petty", like wearing a "Microsoft employees deserve Gulag" t-shirt. Since I tried many other options and failed multiple times
I don't have the answer about "what to do in 5 years"
But, I think in this year you can avoid reading HN if the news about AI hurt. AI only exists if you let it inside your brain, you can remove most of AI by not reading news
I tried running the elder scrolls Redguard, on wine, which launches windows version of dosbox with glide support. Redguard is a weird beast which is installed only with windows installer, but the actual game runs in dos mode
Everything works but the frame rate isn't great
If anyone knows a good Redguard setup for Linux please mail me, you can guess my mail easily. Now I just run the gog version
same on debian trixie. certbot works fine for me. Zone records in bind, generate the dnskey, cronjob to re-sign it daily and your off to the races. no problems no snaps.
to be honest, the only downside with this idea is that in case you succeed, you are left with a group of people who like killing elites (and who can switch their definition of "elites" to include you)
I had a bad experience with it. We hired a contractor and he
1. insisted on a pre-war version of ubuntu
2. insisted on the cockpit. So you no longer can modify the NFS exports over ssh, you need to connect to this HTTP abomination. Very nice. Always wanted to open more ports on my servers
Agree strongly. An expired cert is better than no cert.
Also would argue maintenance is only as complicated as you make it for yourself. Countless people keep patched, secure, https web servers running with minimal effort. If its somehow effort, introspect some on why you are somehow making so much work for yourself.
Might be a bit of each of us touching different ends of the elephant. To be clear I am talking about long timespans. Lets Encrypt hasn't even existed for a full decade yet. During that time it's dropped support entirely for the original acme protocol. During that time it's root certs have expired at least twice (only those I remember where it caused issues in older software). And that's ignoring the churn in acme/acme2 clients and specific OS/Distro cert choice issues and browser CA issues. Saying that there's no trouble with HTTPS must be coming from experiences on short timescales (ie, a few years).
HTTP/3 already doesn't allow anything but CA TLS only. It won't be too long before they no longer allow you to click through CA TLS warnings.
If human people want things to be on the web for long time periods those things should be served HTTP+HTTPS.
There is some kind of middle ground here.. My first HTML file still renders like it did on Mosaic. The HTTP server I used back then still works today 35 years later without maintenance. I do agree that HTTPS is a simple solution but there is too much cargo cult around it. Honestly I do not see the use to maintain everything published if you follow sane practices.
EDIT: I have 15 year old things at work that do not compile, you have to maintain it for sure, biggest problem is cryptography. I am not sure that unstable tech should be part of the application ever.
Unless I'm misunderstanding your point, your HTTP server from 35 years ago is still working today without any maintenance?
Does that mean no security patching and no updates for bugfixes? or does "no maintenance" means something else I'm missing?
I find it difficult to discuss these topics when comments like these pretend that you can leave your system exposed on the internet for years without any maintenance.
If we're talking applications that don't actively listen on the internet that's fine, and I would agree that we should have complete software that just works.
But a webserver, unless it's for personal/home use, it's on the internet and I don't see how it could work for 35 years without any update/change
Static html webservers don't really have any need for security patching or bugfixes constantly like dynamic complex stuff. They literally can just live forever. The sites themselves are just files. Not applications.
That's no use when your automated registrar stops working in 3 years because it went out of business or changed protocols. Let's Encrypt has been an outlier.
I’m not sure whether this applies globally, but in Japan, around 2015, some mobile carriers deployed a “traffic optimization” feature that would lossily compress images in transit.
On the platforms of NTT Docomo and KDDI (au), users could opt out of this behavior. However, with SoftBank, it could not be disabled, which led to controversy.
As you might expect, this caused issues—since the image data was modified, the hash values changed. As a result, some game apps detected downloaded image files as corrupted and failed to load them properly.
Needless to say, this was effectively a man-in-the-middle attack, so it did not work over HTTPS.
Within a couple of years, the feature seems to have been quietly discontinued.
There were also concerns that this might violate the secrecy of communications, but at least the government authorities responsible for telecommunications did not take any concrete action against it.
This event sounds much more realistic/common, the motivation of an ISP to save bandwidth costs is much more likely/frequent than the motivation of an ISP to monetize through ads (in addition to monthly service fees).
Where as my ISP did not put in ads, they did inject messages such as maintenance was going to occur and did things like redirect bad dns to their own search.
Also ISPs were monitoring and selling browsing data years ago.
Cox Communications used to do it in California to inject JS into sites. I remember seeing little Cox popup/toast messages in the corner of other sites.
When you put in law that ISPs should adhere to some government-provided blocklist, this is already a game over. No matter how sane your government is. The government in 10 years might be vastly different, and the ability to control the ISPs is too alluring to not abuse
I'd rather live in a world where you could find words like "kill all russians", or child porn, or blatant propaganda than to live with the government censorship. I lived in Russia and the experience was nightmare. Who knows, maybe if the government didn't have the tools they had then the independent media would still be reachable by an average russian, the pictures of the pointless massacre would be public and the war would be over in a week
reply